package com.alibaba.springbootrbac.controller;


import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

import java.util.List;
import java.util.stream.Collectors;
/**
 * @author ZhouYaDong
 * @date 2025/8/24
 * @description
 */
@RestController
public class DebugController {

    /**
     * 调试当前登录用户的权限
     */
    @GetMapping("/debug/authorities")
    public List<String> getCurrentUserAuthorities() {
        Authentication auth = SecurityContextHolder.getContext().getAuthentication();

        if (auth == null) {
            return List.of("当前没有登录用户或 SecurityContext 未注入 Authentication");
        }

        List<String> authorities = auth.getAuthorities()
                .stream()
                .map(GrantedAuthority::getAuthority)
                .collect(Collectors.toList());

        System.out.println("当前用户: " + auth.getName() + ", 权限: " + authorities);

        return authorities;
    }

}
